2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replocement Sheet 



1/15 



FIG, 1 



100 



MOBILE HOST 






INTERFACE 


^107 



102 




2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replacement Sheet 



FIG. 2 



228 
\ 



I 



2/15 



204 



200 



MOBILE HOST 



VSA CLIENT 



202 



212< 
214^ 
216^ 
218^ 
220 > 
222 > 
224 > 
226^ 



230> 
232 H 
234 



LOCAL ACCESS NETWORK ID 



LOCAL ACCESS METHOD (WEB. 
WEP, 802.1X, NONE, BINARY, etc) 



ENCRYPTED LOCAL ACCESS 
AUTHENHCATION CREDENTIAL 



REMOTE NETWORK ID 



VSA SERVER NAME AND/OR IP ADDRESS 
(IF VSA SERVER IS UTILIZED) 



VSA USERNAME (IF VSA SERVER IS 
UHLIZED) 



ENCRYPTED VSA PASSWORD 
(IF "HME-VARYING OPTION IS ENABLED) 



REMOTE ACCESS METHOD (IPsec, 
MOBILE IP. PPP/RADIUS. BINARY, etc) 



REMOTE ACCESS GATEWAY NAME AND/OR 
IP ADDRESS 



ENCRYPTED REMOTE ACCESS 
AUTHENHCAnON CREDENTIAL 



SYNCHRONIZATION TIME 



NUMBER OF LOCAL ACCESS RECORDS 



1ST LOCAL ACCESS RECORD 



2ND LOCAL ACCESS RECORD 



^206 



J 



2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Repkicement Sheet 



FIG. 3 

302^ 

304 >^ 
306^ 
308^ 



3U> 



316> 



324 
326- 
328- 

330- 
334' 



3/15 



300 ^ AUTHENTICATION PROCESTQ 

SUBMIT COMMON PASSWORD AND SELECT 
TARGETED REMOTE NETWORK FROM ACCESS UST 
I 

GENERATE VSA PASSWORD AND CALCULATE 
DECRYPTION KEY 
\ 

REMOVE COMMON PASSWORD FROM MEMORY 
\ 



CHECK STORED LOCAL ACCESS ID AND 
LOCAL ACCESS INFORMATION 




DECRYPT AUTHENTICATION CREDENTIALS 
STORED ON MOBILE HOST 

\ 

SEND VSA PASSWORD AND AUTHENTICAHON 
CREDENTIALS TO LOCAL ACCESS NETWORK 




CONTACT VSA SERVER 
t 



SEND VSA USERNAME AND SYNCHRONIZAHON TIME 



T 



SEND UPDATED R EMOTE ACCESS PARAMETERS 
\ 



UPDATE LOCAL AND REMOTE ACCESS 
INFORMATION FOR VSA CLIENT 

\ 



ESTABLISH REMOTE ACCESS CONNECTION 
WITH REMOTE NETWORK GATEWAY 



2001-0387A 
Serial No.: 10/017.533 nied 10/23/2001 
Replacement Sheet 



FIG. 4 



4/15 




420 > 
422- 
424' 
425' 
426' 



HASHED VSA PASSWORD 



REMOTE ACCESS METHOD (IPsec, 
MOBILE IP, PPP/RADIUS. BINARY, etc) 



REMOTE ACCESS GATEWAY NAME AND/OR 
IP ADDRESS 



REMOTE ACCESS 
AUTHENTICATION CREDENTIAL 



REMOTE ACCESS MANAGEMENT METHOD 
(MANUAL. WEB, VSA, BINARY, etc) 



REMOTE ACCESS MANAGEMENT 
AUTHENHCATION CREDENTIAL 



SYNCHRONIZATON TIME 



LAST CONFIRMED SYNCHRONIZATION TIME 



NUMBER OF LOCAL ACCESS 
MANAGEMENT RECORDS 



1st LOCAL ACCESS MANAGEMENT RECORD 



2nd LOCAL ACCESS MANAGEMENT RECORD 



438 < 
440- 
442' 

444' 
446- 



448 <^ 



HASHED VSA PASSWORD 



SYNCHRONIZATION HME 



UST CONFIRMED 
SYNCHRONIZAHON HME 



NUMBER OF LOCAL ACCESS 
MANAGEMENT RECORDS 



1st LOCAL ACCESS 
MANAGEMENT RECORD 



2nd LOCAL ACCESS 
MANAGEMENT RECORD 



2001-0387A 
Serial No.: 10/017.533 FHed 10/23/2001 
Replacement Sheet 



5/15 

FIG. 5 

500 



LOCAL ACCESS NETWORK ID 


^502 


LOCAL ACCESS METHOD (WEB, WEP, 802.h, NONE, BINARY, etc) 


^504 


LOCAL ACCESS AUTHENHCATION CREDENTIAL 


^506 


LOCAL ACCESS MANAGEMENT METHOD (MANUAL, WEB, BINARY, etc) 


^508 


LOCAL AAA SERVER NAME AND/OR IP ADDRESS 


^510 


LOCAL ACCESS MANAGEMENT AUTHENTICAHON CREDENTIAL 


^512 



FIG. 6 

600 



REMOTE NETWORK ID ^602 



VSA SERVER NAME AND/OR IP ADDRESS ^604 
VSA USERNAME ^606 
VSA PASSWORD ^608 

SYNCHRONIZATION HME -610 

NUMBER OF LOCAL ACCESS RECORDS -612 



1st LOCAL ACCESS RECORD 



2nd LOCAL ACCESS RECORD ^614 

: 1/ 



2001-0387A 
Serial No.: 10/017,533 Filed 10/23/2001 
Replacement Sheet 



6/15 



FIG, 7A 



700 KVSA INFORMAHON UPDATE PROTOCOL ) 



702 « 



CONSTRUCT VSA INFORMATION 
UPDATE REQUEST MESSAGE Q 



E 



704 H SEND Q AND MAC TO VSA SERVER | 



706 « 



E 



LOOK FOR VSA MANAGEMENT RECORD 
THAT MATCHES VSA USERNAME 




710« 



RETRIEVE HASHED VSA PASSWORD, 
CALCULATE DECRYPTION KEY K1, DECRYPT 
SYNC. nME AND MESSAGE CONTENT 








714 










SEND DENIAL CODE 




TO VSA CLIENT/MH 


NO 







716 



718' 



720- 



SAVE SYNC, TIME AS UST CONFIRMED 
SYNC, TIME IN VSA MANAGEMEN T RECORD 



GENERATE RANDOM SEQUENCE Y, 
CALCULATE ENCRYPTION KEY K2, AND 
CONSTRUCT VSA INFORMATION 
UPDATE RESPONSE MESSAGE A 

SEND A AND MAC TO VSA CUENT/MH | 

— V — 



TO no. 7B 



2001-0387A 
Serial No.: 10/017.533 RIed 10/23/2001 
Replacement Sheet 



FIG. 7B 



FROM FIG.7A 



VERIFY RESPONSE CODE 



722 




DECRYPT UPDATE RESPONSE 
MESSAGE, SAVE UPDATED 
INFORMATION INTO 
CORRESPONDING VSA 
ACCESS RECORD ON MH, 
AND UPDATE SYNC. TIME 

s 

734 



DELETE CORRESPONDING 
VSA ACCESS RECORD 
ON MH 

s 

732 



728 

IGNORE 
RESPONSE MESSAGE 



RESEND VSA 
UPDATE REQUEST 
(no. 7A) 

— S — 

730 



2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replacement Sheet 




2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replaceinent Sheet 



9/15 



CO 




CO 




CJ) 


1 . 1 


AC 


EMI 






EMOT[ 


MANA 







Of 




CD 


o 












LiJ ^ 

to O 










CD U 
1 


CO 


Co 

CO 




LU 














si 


CD 















oo 



tn 




oo 






CO 
LU 




ZD 




or 




UJ 


o 









OO 

oo 



to 




oo 


LU 


LU 


OO 


c»> 






o 








OO 
LU 



















OO 




ro 
OO 


OO 
ro 
OO 


<^ 


<^ 


OO 
CO 

1 . 1 






tn 

OO 


:mote acci 

REQUEST 






:M0TE ACC! 
RESPONSE 


Our 









2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replocement Sheet 




2001-0387A 
Serial No.: 10/017,533 Hied 10/23/2001 
Replacement Sheet 



11/15 



CD 



cn J, . 




CM 








o 


l_lJ 
CO 




z 




o_ 


ZD 


CO 


CD 


t— « 


0£ 






o 


LU 






-< 








> 





2001-0387A 
Serial No.: 10/017,533 RIed 10/23/2001 
Replacement Sheet 




2001-0387A 
Serial No.: 10/017.533 Filed 10/23/2001 
Replacement Sheet 



13/15 



o 

o 

00 





<=> 


Cs4 




ro 


oo 

<^ 


OO 


z 








O 


















GURA 

ESrOI 


^ or 




























A CO 

DHATC 
rUAII: 








en 






oo ^ 


> 









2001-0387A 




2001-0387A 
Serial No.: 10/017.533 filed 10/23/2001 
Replacement Sheet 



15/15 




oo 

CSI 

oo 



oo 




oo 




UJ 


OO 


<_> 






o 




Q_ 




OO 
LU 








3 









OO 

oo 



CD 




Cs4 
OO 



CO 







o 

p= 


oo 




o 




a_ 


ZD 


oo 

LiJ 


CD 




Q£ 






o 


UJ 


o 


DA 


-<t 


a. 


oo 
> 


13 



1= 



CD 



UJ CyO 
Q oo 
UJ UJ 



^5 



CO 
ro 
OO 


OO 

ro 
OO 


<^ 




CO 

oo 






OO 

oo 


:M0TE ACC! 
REQUEST 






:mote acci 
response 


0£. 






Of 



